search cancel

TLS sites using TLSv1.3 draft 23 may be reset when inspected by the SSLV


Article ID: 171172


Updated On:


SSL Visibility Appliance Software


The RFC for TLSv1.3 is currently in a draft phase. Field trials of draft 23 have started recently in certain browsers and this may result in flows being reset when being inspected by the SSLV. 

Version 3.x

SSLV version 3.x by default cuts through TLSv1.3 flows. There should not be any issues with draft 23.

Version 4.x

SSLV versions up to 4.2.2.x will record a "Missing Extension" error in the session log and the flow will be reset or browsing you will receive this error message "ERR_SSL_VERSION_INTERFERENCE"


As the RFC for TLSv1.3 is in a draft phase new extensions can be added or changed. When a particular SSLV version is released it supports up to the current working TLSv1.3 draft version, but any further drafts may not be supported. 


Version 3.x

No specific solution exists for SSLV 3.x versions, but it is recommended to run the latest.

Version 4.x

SSLV version supports TLSv1.3 drafts 18-23. To avoid any interoperability issues it is recommended to upgrade to this version.